Meanwhile in Britain, Qadars v3 Hardens Evasion, Targets 18 UK Banks

IBM X-Force Research reported that the operators of the Qadars Trojan have been progressively updating the malware’s defenses and tailoring its configurations to target 18 banks in the U.K. In addition to its recent U.K. activity, the researchers found that Qadars campaigns launched in early September 2016 mainly targeted banks in the Netherlands, U.S. and Germany.

 This activity comes on the heels of an uptick of Ramnit Trojan attacks against U.K. banks. After a period of relatively low activity, during which cybercriminals shifted their focus to Germany, Brazil and the U.S., it seems the U.K. is back on fraudsters’ radar.

Qadars Makes the Rounds

From a global perspective, Qadars’ operators have been making the rounds, targeting banks all over the world in separate bouts of online banking fraud attacks since 2013. By count of targeted brands, it appears the gang remains most inclined to attack in Europe.

Between 2013 and 2014, the malware mainly targeted banks in France and the Netherlands. Its top targets between 2015 and 2016 were Australia, Canada, the U.S. and the Netherlands. This past year, Qadars operators focused primarily on the Germany, Poland, the U.S. and the Netherlands.

X-Force Research indicated that while most of Qadars’ targets have been banks, it is also after social networking credentials, online sports betting users, e-commerce platforms, payments and card services, among others.

This post was part of my work with IBM X-Force. Read the complete post here.